Python
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Python product.
RSS Feeds for Python security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Python products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Python Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2025 there have been 1 vulnerability in Python with an average score of 8.8 out of ten. Last year, in 2024 Python had 5 security vulnerabilities published. Right now, Python is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 1.08.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 1 | 8.80 |
2024 | 5 | 7.73 |
2023 | 17 | 6.50 |
2022 | 22 | 7.56 |
2021 | 27 | 7.60 |
2020 | 22 | 7.67 |
2019 | 24 | 7.42 |
2018 | 11 | 7.68 |
It may take a day or so for new Python vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Python Security Vulnerabilities
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages
CVE-2025-47273
8.8 - High
- May 17, 2025
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.
Directory traversal
Python urllib.parse SSRF Vulnerability via Improper Host Validation
CVE-2024-11168
- November 12, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly
CVE-2024-9287
7.8 - High
- October 22, 2024
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
Command Injection
There is a MEDIUM severity vulnerability affecting CPython
CVE-2024-6232
7.5 - High
- September 03, 2024
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
ReDoS
There is a LOW severity vulnerability affecting CPython, specifically the
'http.cookies' standard library module
CVE-2024-7592
7.5 - High
- August 19, 2024
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.
ReDoS
Pillow through 10.1.0
CVE-2023-50447
8.1 - High
- January 19, 2024
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
Code Injection
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms
CVE-2023-6507
4.9 - Medium
- December 08, 2023
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the `extra_groups=` parameter with an empty list as a value (ie `extra_groups=[]`) the logic regressed to not call `setgroups(0, NULL)` before calling `exec()`, thus not dropping the original processes' groups before starting the new process. There is no issue when the parameter isn't used or when any value is used besides an empty list. This issue only impacts CPython processes run with sufficient privilege to make the `setgroups` system call (typically `root`).
An issue was discovered in Pillow before 10.0.0
CVE-2023-44271
7.5 - High
- November 03, 2023
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.
Allocation of Resources Without Limits or Throttling
urllib3 is a user-friendly HTTP client library for Python
CVE-2023-45803
4.2 - Medium
- October 17, 2023
urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET` as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP client implementations like curl and web browsers. Because the vulnerability requires a previously trusted service to become compromised in order to have an impact on confidentiality we believe the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies, if this is the case then this vulnerability isn't exploitable. Both of the following conditions must be true to be affected by this vulnerability: 1. Using urllib3 and submitting sensitive information in the HTTP request body (such as form data or JSON) and 2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised. This issue has been addressed in versions 1.26.18 and 2.0.7 and users are advised to update to resolve this issue. Users unable to update should disable redirects for services that aren't expecting to respond with redirects with `redirects=False` and disable automatic redirects with `redirects=False` and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.
Information Disclosure
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e
CVE-2018-25091
6.1 - Medium
- October 15, 2023
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).
Open Redirect
urllib3 is a user-friendly HTTP client library for Python
CVE-2023-43804
8.1 - High
- October 04, 2023
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
Information Disclosure
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5
CVE-2023-40217
5.3 - Medium
- August 25, 2023
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
An issue was discovered in Python 3.11 through 3.11.4
CVE-2023-41105
7.5 - High
- August 23, 2023
An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.
Untrusted Path
An XML External Entity (XXE) issue was discovered in Python through 3.9.1
CVE-2022-48565
9.8 - Critical
- August 22, 2023
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
XXE
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1
CVE-2022-48566
5.9 - Medium
- August 22, 2023
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
Race Condition
A use-after-free exists in Python through 3.9
CVE-2022-48560
7.5 - High
- August 22, 2023
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Dangling pointer
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack
CVE-2022-48564
6.5 - Medium
- August 22, 2023
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
Resource Exhaustion
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio
CVE-2023-38898
5.3 - Medium
- August 15, 2023
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not already accessible to an adversary, becomes accessible through this bug.
The legacy email.utils.parseaddr function in Python through 3.11.4
CVE-2023-36632
7.5 - High
- June 25, 2023
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class. NOTE: the vendor's perspective is that this is neither a vulnerability nor a bug. The email package is intended to have size limits and to throw an exception when limits are exceeded; they were exceeded by the example demonstration code.
Stack Exhaustion
CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free
CVE-2023-33595
5.5 - Medium
- June 07, 2023
CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.
Dangling pointer
Requests is a HTTP library
CVE-2023-32681
6.1 - Medium
- May 26, 2023
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
Information Disclosure
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character
CVE-2023-27043
5.3 - Medium
- April 19, 2023
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Improper Input Validation
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL
CVE-2023-24329
7.5 - High
- February 17, 2023
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
Improper Input Validation
Python Packaging Authority (PyPA) setuptools before 65.5.1
CVE-2022-40897
5.9 - Medium
- December 23, 2022
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
ReDoS
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
CVE-2022-45198
7.5 - High
- November 14, 2022
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
Pillow before 9.3.0
CVE-2022-45199
7.5 - High
- November 14, 2022
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
Resource Exhaustion
An issue was discovered in Python before 3.11.1
CVE-2022-45061
7.5 - High
- November 09, 2022
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
Inefficient Algorithmic Complexity
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration
CVE-2022-42919
7.8 - High
- November 07, 2022
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow
CVE-2022-37454
9.8 - Critical
- October 21, 2022
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
Integer Overflow or Wraparound
A flaw was found in python
CVE-2020-10735
7.5 - High
- September 09, 2022
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
Incorrect Type Conversion or Cast
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode
CVE-2021-4189
5.3 - Medium
- August 24, 2022
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.
Unchecked Return Value
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path
CVE-2021-28861
7.4 - High
- August 23, 2022
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
Open Redirect
A vulnerability classified as problematic was found in Python 2.7.13
CVE-2017-20052
7.8 - High
- June 16, 2022
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
DLL preloading
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
CVE-2022-30595
9.8 - Critical
- May 25, 2022
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
Memory Corruption
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
CVE-2022-28470
9.8 - Critical
- May 08, 2022
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
TkVideoplayer is a simple library to play video files in tkinter
CVE-2022-24902
4.3 - Medium
- May 06, 2022
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.
Resource Exhaustion
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file
CVE-2015-20107
7.6 - High
- April 13, 2022
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
Command Injection
Pillow before 9.0.1
CVE-2022-24303
9.1 - Critical
- March 28, 2022
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
zlib before 1.2.12 allows memory corruption when deflating (i.e
CVE-2018-25032
7.5 - High
- March 25, 2022
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Memory Corruption
There's a flaw in urllib's AbstractBasicAuthHandler class
CVE-2021-3733
6.5 - Medium
- March 10, 2022
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
Resource Exhaustion
A flaw was found in python
CVE-2021-3737
7.5 - High
- March 04, 2022
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
Resource Exhaustion
A flaw was found in Python, specifically within the urllib.parse module
CVE-2022-0391
7.5 - High
- February 09, 2022
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
Injection
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method
CVE-2022-22817
9.8 - Critical
- January 10, 2022
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
CVE-2022-22816
6.5 - Medium
- January 10, 2022
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
Out-of-bounds Read
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
CVE-2022-22815
6.5 - Medium
- January 10, 2022
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
Improper Initialization
The bluemonday sanitizer before 1.0.16 for Go
CVE-2021-42576
9.8 - Critical
- October 18, 2021
The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS)
CVE-2021-23437
7.5 - High
- September 03, 2021
The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
Out-of-bounds Read
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7
CVE-2021-34552
9.8 - Critical
- July 13, 2021
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Classic Buffer Overflow
An issue was discovered in urllib3 before 1.26.5
CVE-2021-33503
7.5 - High
- June 29, 2021
An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
Resource Exhaustion